<?php

if(!defined('IN_UCHOME')) {
	exit('Access Denied');
}

require_once(S_ROOT.'./site/libs/func_util.php');
include_once(S_ROOT.'./site/libs/func_model.php');
include_once(S_ROOT.'./source/function_bbcode.php');

if ($_GET['op'] == 'login') {
        
    //没有登录表单
    $_SGLOBAL['nologinform'] = 1;
    $r['err'] = 0;

    //if(submitcheck('loginsubmit')) 
    {
        $password = $_POST['password'];
        $username = trim($_POST['username']);
        $cookietime = intval($_POST['cookietime']);
        
        $cookiecheck = $cookietime?' checked':'';
        $membername = $username;
        
        if(empty($_POST['username'])) {
            //showmessage('users_were_not_empty_please_re_login', 'do.php?ac='.$_SCONFIG['login_action']);
            $r['err'] = '对不起，用户名不能为空，请重新登录';
            echo json_encode($r);
            exit;
        }
        
        //同步获取用户源
        if(!$passport = getpassport($username, $password)) {
            $r['err'] = '对不起,登录失败,请重新登录';
            echo json_encode($r);
            exit;
        }
        
        $setarr = array(
            'uid' => $passport['uid'],
            'username' => addslashes($passport['username']),
            'password' => md5("$passport[uid]|$_SGLOBAL[timestamp]")//本地密码随机生成
        );
        
        include_once(S_ROOT.'./source/function_space.php');
        //开通空间
        $query = $_SGLOBAL['db']->query("SELECT uid, username FROM ".tname('space')." WHERE uid='$setarr[uid]'");
        if(!$space = $_SGLOBAL['db']->fetch_array($query)) {
            $space = space_open($setarr['uid'], $setarr['username'], 0, $passport['email']);
        }
        
        //检索当前用户
        $query = $_SGLOBAL['db']->query("SELECT password FROM ".tname('member')." WHERE uid='$setarr[uid]'");
        if($value = $_SGLOBAL['db']->fetch_array($query)) {
            $setarr['password'] = addslashes($value['password']);
        } else {
            //更新本地用户库
            inserttable('member', $setarr, 0, true);
        }

        //清理在线session
        insertsession($setarr);
        
        //设置cookie
        ssetcookie('auth', authcode("$setarr[password]\t$setarr[uid]", 'ENCODE'), $cookietime);
        ssetcookie('loginuser', $passport['username'], 31536000);
        ssetcookie('_refer', '');
        
        //同步登录
        include_once S_ROOT.'./uc_client/client.php';
        $ucsynlogin = uc_user_synlogin($setarr['uid']);
        
        //判断用户是否设置了头像
        $setarr = array();
        $avatar_exists = ckavatar($space['uid']);
        if($avatar_exists) {
            if(!$space['avatar']) {
                $setarr['avatar'] = 1;
                $setarr['updatetime'] = $_SGLOBAL['timestamp'];
            }
        } else {
            if($space['avatar']) {
                $setarr['avatar'] = 0;
            }
        }
        if($setarr) {
            updatetable('space', $setarr, array('uid'=>$space['uid']));
        }

        if(empty($_POST['refer'])) {
            $r['err'] = '对不起,登录失败,请重新登录';
            echo json_encode($r);
            exit;
        }
    }

    $membername = empty($_SCOOKIE['loginuser'])?'':sstripslashes($_SCOOKIE['loginuser']);
    $cookiecheck = ' checked';
    
    $r['refer'] = $_POST['refer'];
    echo json_encode($r);
    exit;
} elseif ($_GET['op'] == 'delreply') {
    
    include_once(S_ROOT.'./source/function_delete.php');
    $cid = empty($_GET['cid'])?0:intval($_GET['cid']);
    
    if(deletecomments(array($cid))) { 
        $r = 'ok';
    } else {
       ;  
    }
    echo json_encode($r);
    exit; 
} elseif ($_GET['op'] == 'srh_prof') {

    $q = strtolower($_GET["q"]);
    if (!$q) return;

    $query = $_SGLOBAL['db']->query("SELECT tagid, fieldid, pic, tagname FROM ".tname('mtag')." WHERE tagname LIKE '%$q%' AND tagtype=1");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        $profile_list[] = $value;
    }

    if (count($profile_list)) {
        $r['count'] = 1;
        $r['result'] = '';
        foreach ($profile_list as $key=>$value) {
           $r['result'] .= "$value[tagname]\n";
        }
        echo json_encode($r);
       exit;
    } else {
        $r['count'] = 0;
        echo json_encode($r);
        exit;
    }

} else if ($_GET['op'] == 'upload'){

    if(empty($_SGLOBAL['supe_uid'])) {
        echo json_encode(retrieve_login_form());
        exit;
    }

    $spotid=empty($_GET['spot'])?0:intval($_GET['spot']);
    $profid=empty($_GET['profile'])?0:intval($_GET['profile']); 
    ob_start();
    include_once template('site/tpl/upload');
    $bgcontent = ob_get_contents();
    ob_end_clean();
    $r['html']=$bgcontent;
    echo json_encode($r);
    exit;
} elseif ($_GET['op'] == 'dofan') {

    $tagid = empty($_GET['profid'])?0:intval($_GET['profid']);
	$mtag = $tagid?getprof($tagid):array();
   
    if (!$_SGLOBAL['supe_uid']) {
         $r = "oops";
         echo json_encode($r);
         exit;
    }

    if($mtag['status'] != -9) {
        if ($_GET['sop'] == 'nofan') {
            profile_out($mtag, array($_SGLOBAL['supe_uid']));//退出
            $r = "<a class=\"j a_dofan\" href=\"site.php?ac=ajax&op=dofan&sop=befan&profid=8\">加我</a>";
        }
        elseif (($_GET['sop'] == 'befan') && (profile_join('tagid', $tagid))) {
            $r = "<a class=\"j a_dofan\" href=\"site.php?ac=ajax&op=dofan&sop=nofan&profid=8\">退出</a>";
        }
        else {
            $r = "oops";
        }
    }
        
    echo json_encode($r);
    exit;

} elseif ($_GET['op'] == 'uppic') {
    $spotid=empty($_POST['spot'])?0:intval($_POST['spot']);
    $profid=empty($_POST['profid'])?0:intval($_POST['profid']); 

    $r['err'] = 0;
    if ($spotid) {
        $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('spot')." WHERE spotid='$spotid'");       
        if($spot = $_SGLOBAL['db']->fetch_array($query)) {
           $uploadfiles =  prof_pic_save($_FILES['userfile'], $spot['tag1'], $spot['tag2'], $_POST['pic_title'], $spot['spotid']);
           $r['type'] = 'spotid';
           $r['id'] = $spotid;
        }
    } else {
       $uploadfiles =  prof_pic_save($_FILES['userfile'], $profid, 0, $_POST['pic_title']);
       $r['type'] = 'profid';
       $r['id'] = $profid;
    }

	if($uploadfiles && is_array($uploadfiles)) {
        //$r['id'] = 
        //
	} else {
		$r['err'] = $uploadfiles;
	}
    
    echo json_encode($r);
    exit;
} elseif ($_GET['op'] == 'show_login') {
  
    echo json_encode(retrieve_login_form());
    exit;

} elseif($_GET['op'] == 'comment') {
	$cid = empty($_GET['cid'])?0:intval($_GET['cid']);
	
	if($cid) {
		$cidsql = "cid='$cid' AND";
		$ajax_edit = 1;
	} else {
		$cidsql = '';
		$ajax_edit = 0;
	}

	//评论
	$list = array();
	$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('comment')." WHERE $cidsql authorid='$_SGLOBAL[supe_uid]' ORDER BY dateline DESC LIMIT 0,1");
	while ($value = $_SGLOBAL['db']->fetch_array($query)) {
		realname_set($value['authorid'], $value['author']);
		$list[] = $value;
	}
	
	realname_get();

	ob_start();
	include template('site/tpl/do_ajax');
	$bgcontent = ob_get_contents();
    ob_end_clean();
        
	$r=$bgcontent;
	echo json_encode($r);
	exit;
}




?>
